infosec – Page 47 – Stilgherrian

13 July 201130 December 2011

Talking voicemail hacking on ABC TV’s â€œ7.30â€

I was interviewed by ABC TV’s current affairs program 7.30 yesterday for a story about voicemail hacking, More allegations against Murdoch media.

Interestingly, most of the soundbites we recorded were about how easy it is to access someone’s voicemail, but the resulting story was more about whether something like the News of the World scandal could already be happening in Australia.

Recording this piece was a pleasant reminder of working in daily live radio. The pace is kinda fun. The ABC called me at 2.15pm, and arranged for the crew to meet me at 3.15pm. We drove to a nearby park and recorded the main interview as well as the cutaways in a total of 45 minutes. And that was in between the noise of aircraft taking off, motor cycles, and pedestrians and cyclists walking between me and the camera.

I’m shown using both laptop and phone. Does that put me into the category of mouse-using TV expert?

12 July 201112 July 2011

Weekly Wrap 57

A weekly summary of what I’ve been doing elsewhere on the internets. Last week I said something’s gotta give. This week it gave.

Stress and exhaustion and a much lower productivity level than the previous two weeks has led to this post being two days late.

Podcasts

Patch Monday episode 95, “Malware? It’s just business!” Malware, these days, is so good that it simply has to be produced by professional development teams. As Yuval Ben-Itzhak, chief technology officer of AVG, explains, malware is distributed automatically, and runs on millions of target computers without causing any visible signs that something bad is happening.

Articles

Air-gap security an “enduring fairy tale”: Byres, for CSO. Further commentary on the security of industrial control systems from Eric Byres, essentially a follow-up to my Son of Stuxnet within a year: expert for ZDNet Australia.
Cyber threats the focus for Quintet of Attorneys-General, for CSO.

Media Appearances

None.

Corporate Largesse

On Monday 4 July I had an extremely long lunch with people who are continuing their interest in having me work with them on a forthcoming media project. I still can’t say much, except I will drop in one word: Television.

Elsewhere

Most of my day-to-day observations are on my high-volume Twitter stream, and random photos and other observations turn up on my Posterous stream. The photos also appear on Flickr, where I eventually add geolocation data and tags.

[Photo: The Wilds of Lilyfield, the view eastwards towards the Sydney CBD from the corner of Lilyfield and Balmain Roads.]

30 June 2011

Wanted: Your infosec war stories, anonymity preserved

Information security has an image problem, I reckon. No-one apart from the infosec geeks themselves know what’s really involved in hacking or fighting hackers. So the public thinks it’s all like the bullshit in movies.

Like Hugh Jackman creating a virus in Swordfish, pictured.

Does anyone remember the episode of Spooks where the office lights went out when the hacker breached the firewall?

Let’s fix that.

Let’s hear more about the real war stories. OK, everything has always gotta be so goddam SEKRIT! No-one wants to admit to an embarrassing problem. But I reckon we can tell some of these stories while leaving out the identifying details.

We don’t need to reveal which bank nearly had its data centre pwned by a 14-year-old Ukrainian, nor which vendor’s product provided the bloody great hole he came through. But we can certainly talk about the processes, the time pressures and the paranoia.

This week I’ve started writing for a certain as-yet-undisclosed masthead. I reckon we could do regular stories from the front line of cybersecurity. I’ve been told to go for it. And I reckon it’d be fun to write in a stronger narrative style for a change.

If you are, or know of, someone that I should meet for a few drinks in a quiet place while I take notes, please contact me.

30 June 2011

Talking business information security on BTalk podcast

Yesterday I was the guest on Phil Dobbie’s BTalk podcast at BNet Australia, a CBS Interactive masthead. The topic? Information security for small business.

I covered quite a bit of stuff fairly quickly. The state of anti-banking malware. Virus protection for smartphones. Password management. Encrypting you hard drives. Mandatory data breach notification laws. And more.

You can see the podcast in its written context as a BNet blog post, A Security Breach is Only a Matter of Time. Or you can just listen below.

Podcast: Play in new window | Download (9.0MB)

26 June 201102 December 2011

Weekly Wrap 55

A weekly summary of what I’ve been doing elsewhere on the internets. If last week was a bit thin, this week more than made up for it — and as I noted yesterday, I’m knackered.

Podcasts

Patch Monday episode 93, “Are we missing the bus on Gov 2.0 data?” A popular Sydney Buses app died when Sydney Transit cut off the data feed after just a few weeks, citing lack of server capacity. Developer Ben Hosken is disappointed, but he’s more concerned that developers aren’t making enough use of the government data on offer. I also speak with developers Benno Rice and Adrian Chadd.

Articles

The exploits of Freelancer.com, for Technology Spectator, in which I have yet another go at the immorality that is crowdsourcing.
AVG urges mandatory cybercrime reporting, for ZDNet Australia.
Forget Anonymous, LulzSec, the real bad guys are in your bank accounts, for Crikey.
Telstra backs the NBN, but the devil’s in the detail, for Crikey. This is essentially a straight news piece about the deal struck between Telstra, NBN Co and the government.

In addition to these, I wrote a fifth piece for ABC’s The Drum, but that hasn’t been published yet. And there’s a couple of pieces I’ve been working on that I must finish and file tomorrow.

Media Appearances

I did five radio spots this week, which is a record I think. Well, except for when I worked full time in radio, obviously.

On Tuesday I spoke with Louise Maher on ABC 666 Canberra about the photographic project Everyday Photographs, Extraordinary Journeys, which I inspired. Well, partly inspired.
On Thursday morning I spoke with Adelaide radio 1395 FIVEaa about the National Broadband Network. I’ve already posted the audio.
A little later on Thursday morning I spoke on ABC Radio National’s Life Matters about the current state of play in information security. I’ve already posted about that.
While I was talking live on Radio National, ABC North Coast NSW broadcast an interview with be about Facebook and Social Media that has been pre-recorded. Alas, I don’t have a copy.
On Thursday afternoon I spoke with ABC 774 Melbourne about Bitcoin a digital currency. And I’ve posted that audio too.

Corporate Largesse

None. We’ll have to fix that. Dear PR Operatives, my junket calendar for July is empty. You know what to do. I prefer an aisle seat.

Elsewhere

[Photo: The afternoon sunlight can be fierce at The Grand View, an image taken in The Grand View Hotel, Wentworth Falls, yesterday.]

25 June 201125 June 2011

Talking Bitcoin and digital currency on ABC 774 Melbourne

Bitcoin hit the news this week when it was alleged that an ABC employee had been using their computers to generate the digital currency.

On Thursday I gave this backgrounder to the ABC’s Lindy Burns. And yes, she did pronounce my name incorrectly. Her producer has had words.

Podcast: Play in new window | Download (Duration: 8:05 — 3.5MB)

The audio is Â©2011 Australian Broadcasting Corporation, but it hasn’t been posted on their website so here it is. In return, I reckon you might choose to listen to Lindy Burns’ drive program next week.